Lucene search
K

4 matches found

Snyk
Snyk
added 2026/03/19 12:44 a.m.3 views

Arbitrary File Write via Archive Extraction (Zip Slip)

Overview @apostrophecms/import-export is an Import Export Documents for ApostropheCMS Affected versions of this package are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip via the extract function in gzip.js. A user with Global Content Modify permission can write arbitrary file...

9.9CVSS6.4AI score0.00432EPSS
Exploits1References2
Snyk
Snyk
added 2026/01/30 3:53 p.m.5 views

Information Exposure

Overview @vendure/core is an A modern, headless ecommerce framework Affected versions of this package are vulnerable to Information Exposure via the authenticate function. An attacker can determine valid usernames by measuring response times during authentication attempts. Remediation Upgrade...

6.9CVSS5.5AI score0.00364EPSS
Exploits1References2
OSV
OSV
added 2022/06/09 11:15 p.m.6 views

CVE-2017-20023

A vulnerability was found in Solare Solar-Log 2.8.4-56/3.5.2-85 and classified as critical. This issue affects some unknown processing of the component Network Config. The manipulation leads to privilege escalation. The attack may be initiated remotely. Upgrading to version 3.5.3-86 is able to...

9.8CVSS5.3AI score0.00807EPSS
Exploits1References2
OSV
OSV
added 2022/06/09 11:15 p.m.3 views

CVE-2017-20022

A vulnerability has been found in Solare Solar-Log 2.8.4-56/3.5.2-85 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to information disclosure. The attack can be initiated remotely. Upgrading to version 3.5.3-86 is able to address this issue. It is...

7.5CVSS4.8AI score0.01335EPSS
Exploits1References2
Rows per page
Query Builder